Adds a check for the minimum mainline GCC version for FORTIFY_SOURCE support and enables -D_FORTIFY_SOURCE=2 by default when building with --enable-debug. Signed-off-by: Allan McRae <allan@archlinux.org> --- acinclude.m4 | 23 +++++++++++++++++++++++ configure.ac | 1 + 2 files changed, 24 insertions(+), 0 deletions(-) diff --git a/acinclude.m4 b/acinclude.m4 index 1524a3d..80b0ba0 100644 --- a/acinclude.m4 +++ b/acinclude.m4 @@ -4910,6 +4910,29 @@ AC_DEFUN([GCC_STACK_PROTECT_CC],[ fi ]) +dnl GCC_FORTIFY_SOURCE_CC +dnl checks -D_FORTIFY_SOURCE with the C compiler, if it exists then updates +dnl CFLAGS +AC_DEFUN([GCC_FORTIFY_SOURCE_CC],[ + AC_LANG_ASSERT(C) + if test "X$CC" != "X"; then + AC_MSG_CHECKING(for FORTIFY_SOURCE support) + AC_TRY_COMPILE([#include <features.h>], [ + int main() { + #if !(__GNUC_PREREQ (4, 1) ) + #error No FORTIFY_SOURCE support + #endif + return 0; + } + ], [ + AC_MSG_RESULT(yes) + CFLAGS="$CFLAGS -D_FORTIFY_SOURCE=2" + ], [ + AC_MSG_RESULT(no) + ]) + fi +]) + dnl GCC_VISIBILITY_CC dnl checks -fvisibility=internal with the C compiler, if it exists then dnl defines ENABLE_VISIBILITY_CC in both configure script and Makefiles diff --git a/configure.ac b/configure.ac index b4570f5..76e36c8 100644 --- a/configure.ac +++ b/configure.ac @@ -316,6 +316,7 @@ if test "x$debug" = "xyes" ; then # Check for -fstack-protector availability GCC_STACK_PROTECT_LIB GCC_STACK_PROTECT_CC + GCC_FORTIFY_SOURCE_CC CFLAGS="$CFLAGS -g -Wall -Werror" else AC_MSG_RESULT(no) -- 1.7.3